Skip to content
Menu
IT-DRAFTS
  • About
  • My Statistics at Microsoft Q&A
  • Privacy policy
IT-DRAFTS

Tag: Cybersecurity

July 9, 2025July 9, 2025

DPAPI: The Granddaddy of Windows Crypto (and your secrets)

Hey hey, so, n0w lets talk about DPAPI DPAPI is ‘Data Protection API’ is Windows’ native system for encrypting stuff like saved credentials, cookies, Wi-Fi passwords, and personal certs. Introduced in Windows 2000, it’s the ancient beast that still powers a terrifying amount of “secure storage” in modern Windows. 🧠 Under the Hood Based on…

Read More
June 20, 2025June 20, 2025

Break the Chain: Why FIDO2 Is Killing Passwords for Good

Hey, let’s be honest: passwords are over. SMS‑codes, pushpopups, totp tokens, great in theory, weak in real‑life fights. bad guys surf that weakness like it’s a goldmine. phishing got too smart, MFA fatigue is real, and attackers no longer brute-force, they social-engineer the hell out of u. that’s where FIDO2 crashes in like a hero,…

Read More
June 6, 2025June 6, 2025

Your Certificate Authority might betray u, like… for real :)))

aka: how to stop trusting blindly and lock down ur Microsoft ca before it ruins ur life What’s the big deal, why care about some “ca”? So CA is a topic a spicy one. like, most people don’t even think about certificate authority. it’s just “one of those servers in the corner” that got set…

Read More
May 22, 2025

Scheduled Password Changes Are an Outdated Practice

Hi for All and have a nice time, so today we are talking about passwords (ready?) Let’s think! • In most IT systems and various companies, mandatory periodic password changes are a common rule. At my company, passwords must be changed every three months. Do you think this approach is correct? After all, this practice…

Read More
February 21, 2025

OWASP Top 10 NHIs Risks 2025

1. Improper Offboarding When NHIs (Non-Human Identities) like service accounts, API keys, and machine credentials are not properly offboarded, they can become a security risk. This includes failing to deactivate old or deprecated secrets, leading to “zombie NHIs” that attackers can exploit. Automating the NHIs lifecycle ensures stale secrets are discovered and revoked, reducing attack…

Read More
February 19, 2025

How EDR Works?

Hu for All, that image appears to be an infographic or presentation slide explaining how Endpoint Detection and Response (EDR) works in cybersecurity. 1. **EDR Overview**: EDR is a cybersecurity solution that continuously monitors and analyzes endpoint activities to detect, investigate, and respond to threats like malware and ransomware. It records system behaviors, uses data…

Read More
July 19, 2024

Global Windows Crash with CrowdStrike protection systems installed

Global Windows Crash firstly- how to repair – from Russian experts!!! 1. Restart Windows and boot into Safe mode 2. Open a command prompt 3. Go to C:\Windows\System32\drivers\CrowdStrike 4. Locate the file matching “C-00000291* sys”, and delete it. [or Rename the file CSAgent.sys to something else, eg. donotcrash.sys] 5. Continue normal startup )))))))))) no need…

Read More
July 10, 2024

GDPR what the….

In May 2018, Europe will be switching to the updated regulations for the processing of personal data set by the General Data Protection Regulation (GDPR). This regulation, which directly applies in all 28 EU countries, replaces the Framework Directive on Personal Data Protection 95/46/EC from October 24, 1995. An important aspect of the GDPR is…

Read More
July 9, 2024

CYBERSECURITY INCIDENT RESPONSE PLAN “A”

Hello everyone, since I do consultations for my friends from time to time, I suggest you do a review of CYBERSECURITY INCIDENT RESPONSE PLAN. So, I sincerely hope it will be interesting. Standards: NIST Special Publication 800-61 NIST Cybersecurity Framework (CSF) Compliance: ISO 27001 – A.16 PCI DSS 3 – 10, 12.9 Regulation: EU GDPR…

Read More
May 3, 2024

Microsoft is investigating issues with VPNs and the latest Windows 11 update.

Microsoft has acknowledged reports of VPN connection issues after installing the April 2024 Windows 11 update, according to a report from Reddit user Flo-TPG. The KB5036893 security update, released on April 9 for all supported Windows 11 versions, has caused some users to experience issues with VPN connections that use TPM-backed certificates. According to Microsoft,…

Read More

Categories

ActiveDirectory AI Azure AzureAI cloudnetworking CloudSecurity Copilot Cybersecurity DataProtection DataSecurity DevOps DNS enterpriseai Entra entraID Howto hybridcloud IncidentResponse Innovation insider licensing MFA Microsoft Microsoft365 Microsoft AI MicrosoftAzure microsoftcloud microsoftentra MicrosoftOffice Microsoft Product OfficeSuite OWASP promptinjection sam Security socialengineering software SoftwareUpdate TechNews Technology updates Windows Windows10 Windows11 zeroTrust

Archives

  • July 2025
  • June 2025
  • May 2025
  • February 2025
  • October 2024
  • September 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
No comments to show.

Recent Comments

Recent Posts

  • Azure WAF vs Entra External ID: When Your Firewall Starts Shooting the Good Guys
  • DPAPI: The Granddaddy of Windows Crypto (and your secrets)
  • Microsoft Just Threw Windows Licensing into the Cloud — And Locked It Inside Confidential VMs
  • Windows LAPS with Intune: One admin password per device, finally.
  • Baseline Wipeout: How Intune Just Nuked Its Own Security Promise
©2025 IT-DRAFTS | Powered by WordPress and Superb Themes!